New data reveals two-thirds of global consumers have experienced tech support scams

Oct 17, 2016 5:39am

tech support scamsIf you haven’t experienced a tech support scam yet, chances are you know someone who has. As part of National Cyber Security Awareness Month, Microsoft has released the results of a new global survey revealing 2 out of 3 people have experienced a tech support scam in the last 12 months. View key results in this infographic.

Further findings from the survey include:

  • 1 in 5 consumers surveyed continued with a potentially fraudulent interaction after first being contacted, meaning they downloaded software, visited a scam website, gave the fraudsters remote access to their device or provided credit card information or other form of payment.
  • Nearly 1 in 10 have lost money to a tech support scam.
  • Of those who continued with a fraudulent interaction, 17 percent of them were older than 55, while 34 percent were between the ages of 36 and 54.
  • Surprisingly, 50 percent of those who continued were millennials between the ages of 18 and 34.
  • Consumers in India (54%), China (35%) and the United States (33%) had a greater likelihood of continuing with the fraudulent interaction.
  • In India and the United States, 1 in 5 reported losing money to these scams.
  • The most common victim experience with tech support scams is through software downloads or visits to malicious websites.
  • In the United States, 55 percent of those who continued with a scam, lost money.
  • 92 percent of those who lost money in the United States said they have recovered at least some of their money. Fifty-eight percent in China and 67 percent in India have also recovered at least some of the money.

The global survey was conducted in summer 2016 and included respondents from Australia, Brazil, Canada, China, Denmark, France, Germany, India, Singapore, South Africa, the United Kingdom and the United States.

The “old school” method of tech support scams follows an all-too-common pattern: fraudster calls a senior citizen at home claiming to have a relationship with a reputable company; misrepresents the existence of malware, computer viruses or other technical problems on a personal computer; and proceeds to sell the senior citizen unnecessary tech support for a fee.  

While the above method still occurs today, new research indicates a startling number of millennials are falling victim to tech support fraud. Fifty percent of all respondents who continued with a fraudulent interaction fell between the ages of 18 and 34.  These results may – at first glance – appear surprising, challenging our pre-conceived notions that fraudsters target senior citizens. 

But, the new research also reveals that fraudsters’ tactics are evolving. By leveraging pop-ups, unsolicited email and scam websites as additional entry points for scams, fraudsters are reaching a broader number of people including younger than expected victims. The data indicates that victims older than 65 are more likely to be reached by telephone (44% unsolicited call, 38% pop-up or online ad, 33% unsolicited email, and 26% redirected to website).[1]  In contrast, millennials aged 18 to 34 are more likely to have been redirected to a fraudulent website (50%) or duped by a pop-up advertisement (59%) as compared to receiving an unsolicited call (26%).

When looking at the survey results, it is important not to get distracted by how the scams are initiated. Regardless of the audience or the entry method, the goal of the fraudster remains the same – use fear and deception to persuade a customer to call for support, then seek remote access to the customer’s device and provide a fraudulent sales pitch.  Lastly, the fraudster charges the victim for unnecessary and ineffective tech support services, while saving the victim’s contact information for future fraudulent activity.  

Every consumer need to be vigilant and skeptical of any person who seeks remote access to their device.    During a remote access session, fraudsters can access personal and financial information, alter device settings and leave behind unwanted or even malicious software. Previous reports indicate that fraudsters have turned off anti-virus software, downloaded unwanted and potentially harmful software and often regained access to the computer long after the “support session” had ended. 

We know consumers have lost hundreds of millions of dollars from tech support scams, yet it’s often hard to quantify total financial loss because many victims are too embarrassed or scared to report their experience and may be unaware they were even scammed.  One significant highlight in the survey data is that victims who lost money during their fraudulent interaction were able to recover at least some of their financial losses[2].

How to Spot Tech Support Scams

As indicated by the survey, while seniors have grown to be more skeptical of these scams, all consumers would also benefit from learning how to spot these crimes. If you receive a notification or call from someone claiming to be from a reputable software company, here are a few key tips to keep in mind:

  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the "service." If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • Take the person's information down and immediately report it to your local authorities.

Fighting Tech Support Scams 

Anyone using a computer or other device to go online is susceptible to tech support scams, and we at Microsoft are fighting hard to ensure everyone can enjoy a safe and trusted online experience.

We encourage victims to report their experience with tech support scams directly to Microsoft and appropriate authorities. The data you provide can help Microsoft and law enforcement investigate these scams and hold fraudsters accountable.  Since 2014, Microsoft has supported law enforcement agencies across the country who took legal action against known fraudsters responsible for approximately $165 million in consumer losses. We also partner with organizations like AARP to help educate people on how to spot and avoid scams they encounter. You can find more information about some of those efforts here:

  • Microsoft and AARP published a joint booklet, informing seniors about tech support scams and helping victims take action
  • Earlier this year, Microsoft held training events at Microsoft stores in the U.S. to arm individuals and families with important information to avoid tech support scams
  • In Chicago, Microsoft recently created a “DigiSeniors” program and partnered with local government agencies to create a “Train the Trainer” workshop where dozens of volunteers will be trained as instructors on how to spot a tech support scam

While we are proud of this work, we recognize there is still more to be done to keep people of all ages from falling prey to cybercriminals. To that end, we continue to innovate new ways our technologies protect customers from online threats. Microsoft has built-in protection in Windows 10 which includes more security features, safer authentication and ongoing updates delivered for the supported lifetime of a device. Windows Defender delivers comprehensive, real-time protection against software threats across email, cloud and web. And the SmartScreen filter, built into Windows, Microsoft Edge and Internet Explorer, helps protect against malicious websites and downloads.  Windows PCs, phones and Xbox use this always up-to-date feature to protect against phishing and malware threats.

Call to action:

Above all, the best thing you can do to help protect yourself is to educate yourself. Please check out Microsoft’s resources and build your awareness about some of these scams. It’s important to remember that Microsoft will never contact you asking for credit card information.

Learn more about how to avoid technical support scams here.

About the Author

Courtney Gregoire is a senior attorney in Microsoft’s Digital Crimes Unit.

[1] Survey respondents could indicate if they had multiple modes of experience with scams. 

[2] Of those who lost money in the United States, 92% report having recovered at least some of their losses.  In China, 58% report having recovered some of their losses.   In India, 67% report having recovered some of their losses.